Motivation for storing passwords in plaintext

Due to the leakage of csdn passwords, everyone has been paying attention to the security of their Internet accounts, which has long existed, but this time it has been exposed.

The reason for storing passwords in plaintext is analyzed below. Transferred from

Http://shell909090.com/blog/2011/12/%e5%af%86%e7%a0%81%e4%b8%ba%e4%bb%80%e4%b9%88%e6%98%8e%e6%96%87%e5%ad%98%e6%94%be/

I wrote a blog long ago and said that your password should be password-secured at a time. At least some passwords will not be too broad when they are leaked. As a result, csdn was shot. I will not discuss how many people are in a hurry to change their passwords and how many people are leaked. I will explain why the passwords are frequently stored in plain text.

Since I remembered it, I have never stored a password in plain text in my application. First, it is stored in MD5 mode. MD5 allows you to find the hash value, and sometimes it will be used for exhaustion. However, in any case, the MD5 password itself is much safer than the plaintext. Later, it was changed to the challenge-response verification mode. It also uses MD5 hash for c-r. Later, the paper of MD5 collision conflicts came out, and most of them were used sha256. From the beginning to the end, I have never stored passwords in plain text, and I think this is the minimum cultivation of normal programmers. (Of course, the Code stored in plain text is not absent, but it is a debugging mode.) But now I know that identity verification in many systems is stored in plain text. Why? In fact, I don't quite understand. But sometimes I ask, some people tell me a few reasons that I don't think it's a barrier. Now I want to copy the text below to tell you.

 

1. The check cannot be performed without a plaintext password. Everyone knows that Internet review usually calls XX users' passwords. If you cannot give it, you will think that you do not cooperate with each other and it is difficult to solve things. As the owner of the review institution, of course, there is no need to know the dangers of plaintext passwords. They only know why I need a password. Therefore, the programmers of the miserable Cui will often get a dead command to save the plaintext password.

 

2. I don't know what the password is. There are too many basic new people on the Internet in China, and they have grown from the gaps in the stone. This is not a bad thing. The bad thing is that these people often encounter strange problems on some basic issues. For example, some programmers write programs very quickly, but they never know what problems will occur when the passwords are stored in plaintext. What's even more amazing is that one of these people has a bank...

 

3. A mixed account with confidence and violence. Some people have better self-confidence than others, and they are better at what is inexplicable. For example, my server is certainly okay, so my password must be stored in plain text. If not, I doubt my technology. To be honest, this kind of person is really a minority.

 

4. legacy systems. Many systems use Plaintext Passwords for some other reason. After that, the reason does not exist. It is difficult to upgrade the password system. Because the password system is too important, it is always inclined not to modify the system if there is no great benefit. But what are the benefits of promoting system modification? User security issues are not a problem before they are discovered-like this csdn, it will not be considered a problem if it is not exposed. System administrators do not have enough motivation to modify the system.

 

5. dark corners of the world. Sometimes, the reason why programmers/bosses store data in plain text is to facilitate the theft of other website materials of users. For example, in a phishing case I know, you registered a website and provided many free services, the website also looks very reliable-in addition to the fact that this website suddenly broke out, it actually uses your birthday/password to guess the password of the credit card/bank card, this website is not registered in the United States, but a country that has never heard of it. In addition, many websites provide functions such as import from other websites, which is more dangerous. In the past, Twitter passwords were often stolen, mainly because the third-party applications on Twitter needed to provide native passwords before oauth was opened. As a result, many small applications actually wanted to collect passwords...

 

6. For convenience. The reason is similar to the previous one, but not for some sinister purpose. Instead, customers often ask why I cannot do XX tasks, and why I cannot do it. Well, we have to save the plaintext password for your convenience.

 

There are many reasons for saving the plaintext password, but the conclusions are the same. You cannot use the same password for any website/service, except for the Zero-level password. In particular, do not use the same bank card password/online banking password in the two banks. From the perspective of future evolution, the future evolution trend of passwords is the core authorization system. That is, you need to verify the identity to a website, you only need to verify the identity to the authentication provider, and the rest will be completed automatically. The current openid is a solution. No password. What else do you want to talk about? Meanwhile, the refined division of entity interaction and authorization is also a trend. When a website accesses data of another website, an access token is formed. This token specifies the content to be accessed in detail and requires user authorization. Oauth represents this trend. Another trend is to use a safe enough device as the terminal carrier of both. Currently, this device uses a mobile phone, but the mobile phone is not a safe enough device. Maybe this will be the hidden danger of the next XX door.